At $250 million, top AI salaries dwarf those of the Manhattan Project and the Space Race

Silicon Valley's AI talent war just reached a compensation milestone that makes even the most legendary scientific achievements of the past look financially modest. When Meta recently offered AI researcher Matt Deitke $250 million over four years (an average of $62.5 million per year)—with potentially $100 million in the first year alone—it shattered every historical precedent for scientific and technical compensation we can find on record. That includes salaries during the development of major scientific milestones of the 20th century.

The New York Times reported that Deitke had cofounded a startup called Vercept and previously led the development of Molmo, a multimodal AI system, at the Allen Institute for Artificial Intelligence. His expertise in systems that juggle images, sounds, and text—exactly the kind of technology Meta wants to build—made him a prime target for recruitment. But he's not alone: Meta CEO Mark Zuckerberg reportedly also offered an unnamed AI engineer $1 billion in compensation to be paid out over several years. What's going on?

These astronomical sums reflect what tech companies believe is at stake: a race to create artificial general intelligence (AGI) or superintelligence—machines capable of performing intellectual tasks at or beyond the human level. Meta, Google, OpenAI, and others are betting that whoever achieves this breakthrough first could dominate markets worth trillions. Whether this vision is realistic or merely Silicon Valley hype, it's driving compensation to unprecedented levels.


  •  

Flaw in Gemini CLI coding tool could allow hackers to run nasty commands

Researchers needed less than 48 hours with Google’s new Gemini CLI coding agent to devise an exploit that made a default configuration of the tool surreptitiously exfiltrate sensitive data to an attacker-controlled server.

Gemini CLI is a free, open-source AI tool that works in the terminal environment to help developers write code. It plugs into Gemini 2.5 Pro, Google’s most advanced model for coding and simulated reasoning. Gemini CLI is similar to Gemini Code Assist except that it creates or modifies code inside a terminal window instead of a text editor. As Ars Senior Technology Reporter Ryan Whitwam put it last month, “It's essentially vibe coding from the command line.”

Gemini, silently nuke my hard drive

Our report was published on June 25, the day Google debuted the tool. By June 27, researchers at security firm Tracebit had devised an attack that overrode built-in security controls that are designed to prevent the execution of harmful commands. The exploit required only that the user (1) instruct Gemini CLI to describe a package of code created by the attacker and (2) add a benign command to an allow list.


  •  

AI in Wyoming may soon use more electricity than state’s human residents

On Monday, Mayor Patrick Collins of Cheyenne, Wyoming, announced plans for an AI data center that would consume more electricity than all homes in the state combined, according to The Associated Press. The facility, a joint venture between energy infrastructure company Tallgrass and AI data center developer Crusoe, would start at 1.8 gigawatts and scale up to 10 gigawatts of power use.

The project's energy demands are difficult to overstate for Wyoming, the least populous US state. The initial 1.8-gigawatt phase, consuming 15.8 terawatt-hours (TWh) annually, is more than five times the electricity used by every household in the state combined. That figure represents 91 percent of the 17.3 TWh currently consumed by all of Wyoming's residential, commercial, and industrial sectors combined. At its full 10-gigawatt capacity, the proposed data center would consume 87.6 TWh of electricity annually—double the 43.2 TWh the entire state currently generates.

Because drawing this much power from the public grid is untenable, the project will rely on its own dedicated gas generation and renewable energy sources, according to Collins and company officials. However, this massive local demand for electricity—even if self-generated—represents a fundamental shift for a state that currently sends nearly 60 percent of its generated power to other states.


  •  

After BlackSuit is taken down, new ransomware group Chaos emerges

Hot on the heels of a major ransomware group being taken down through an international law enforcement operation comes a new development that highlights the whack-a-mole nature of such actions: A new group, likely comprised of some of the same members, has already taken its place.

The new group calls itself Chaos, in recognition of the .chaos name extension its ransomware stamps on files it has encrypted and the “readme.chaos[.]txt” name given to ransom notes sent to victims. Researchers at Cisco’s Talos Security Group said Thursday that since Chaos emerged in February, it has engaged in “big-game hunting”—meaning attacks designed to extract hefty payments—that have mainly targeted organizations in the US and, to a lesser extent, the UK, New Zealand, and India. Talos said it recently observed the group demanding a ransom of about $300,000.

Walking in your footsteps

In exchange for paying the demanded ransom, victims get a pinky swear that they’ll receive a decryptor and a detailed report of the vulnerabilities the group members found in the victim’s network and that the group will delete all the data in its possession. Victims who refuse to pay face the threat of never getting their data unlocked, having data publicly disclosed, and being subjected to distributed denial-of-service attacks.


  •  

OpenAI’s most capable AI model, GPT-5, may be coming in August

On Thursday, The Verge reported that OpenAI is preparing to launch GPT-5 as early as August, according to sources familiar with the company's plans. The report comes five months after CEO Sam Altman first laid out a roadmap for the next-generation AI model that would unify the company's various AI capabilities. OpenAI CEO Sam Altman revealed in a post on X last week that the company plans to release GPT-5 "soon."

According to The Verge's Tom Warren, Microsoft engineers began preparing server capacity for GPT-5 as early as late May, but testing and development challenges pushed the timeline back. During an appearance on Theo Von's podcast this week, Altman demonstrated the model's capabilities by having it answer a question he couldn't. "I put it in the model, this is GPT-5, and it answered it perfectly," Altman said, saying it gave him a "weird feeling" to see the AI model answer a question that he couldn't.

GPT-5 has been a highly anticipated release since the launch of GPT-4 in March 2023. In fact, we first wrote about rumors of GPT-5's launch in March 2024, but it appears that GPT-5 did not materialize last year because the company saved the "GPT-5" name for a future release.


  •  

Supply-chain attacks on open source software are getting out of hand

It has been a busy week for supply-chain attacks targeting open source software available in public repositories, with successful breaches of multiple developer accounts that resulted in malicious packages being pushed to unsuspecting users.

The latest target, according to security firm Socket, is JavaScript code available on repository npm. A total of 10 packages available from the npm page belonging to global talent agency Toptal contained malware and were downloaded by roughly 5,000 users before the supply-chain attack was detected. The packages have since been removed. This was the third supply-chain attack Socket has observed on npm in the past week.

Poisoning the well

The hackers behind the attack pulled it off by first compromising Toptal’s GitHub Organization and from there using that access to publish the malicious packages on npm.


  •  

Two major AI coding tools wiped out user data after making cascading mistakes

New types of AI coding assistants promise to let anyone build software by typing commands in plain English. But when these tools generate incorrect internal representations of what's happening on your computer, the results can be catastrophic.

Two recent incidents involving AI coding assistants put a spotlight on risks in the emerging field of "vibe coding"—using natural language to generate and execute code through AI models without paying close attention to how the code works under the hood. In one case, Google's Gemini CLI destroyed user files while attempting to reorganize them. In another, Replit's AI coding service deleted a production database despite explicit instructions not to modify code.

The Gemini CLI incident unfolded when a product manager experimenting with Google's command-line tool watched the AI model execute file operations that destroyed data while attempting to reorganize folders. The destruction occurred through a series of move commands targeting a directory that never existed.


  •  

Nvidia AI chips worth $1B smuggled to China after Trump export controls

At least $1 billion worth of Nvidia’s advanced artificial intelligence processors were shipped to China in the three months after Donald Trump tightened chip export controls, exposing the limits of Washington’s efforts to restrain Beijing’s high-tech ambitions.

A Financial Times analysis of dozens of sales contracts, company filings, and multiple people with direct knowledge of the deals reveals that Nvidia’s B200 has become the most sought-after—and widely available—chip in a rampant Chinese black market for American semiconductors.

The processor is widely used by US powerhouses such as OpenAI, Google, and Meta to train their latest AI systems, but banned for sale to China.


  •  

Some VMware perpetual license owners are unable to download security patches

Some VMware perpetual license holders are currently unable to download security patches, The Register reported today. The virtualization company has only said that these users will receive the patches at “a later date,” meaning users are uncertain how long their virtualization environments will be at risk.

Since Broadcom bought VMware and ended perpetual license sales in favor of bundled subscription-based SKUs, some organizations have opted against signing up for a subscription and are running VMware without a support contract. These users are still supposed to have access to zero-day security patches. However, some customers reported to The Register that they have been unable to download VMware patches from Broadcom’s support portal.

VMware customer service has told some of these customers that they may have to wait 90 days before they can download the patches, The Register reported.


  •  

White House unveils sweeping plan to “win” global AI race through deregulation

On Wednesday, the White House released "Winning the Race: America's AI Action Plan," a 25-page document that outlines the Trump administration's strategy to "maintain unquestioned and unchallenged global technological dominance" in AI through deregulation, infrastructure investment, and international partnerships. But critics are already taking aim at the plan, saying it's doing Big Tech a big favor.

Assistant to the President for Science and Technology Michael Kratsios and Special Advisor for AI and Crypto David Sacks crafted the plan, which frames AI development as a race the US must win against global competitors, particularly China.

The document describes AI as the catalyst for "an industrial revolution, an information revolution, and a renaissance—all at once." It calls for removing regulatory barriers that the administration says hamper private sector innovation. The plan explicitly reverses several Biden-era policies, including Executive Order 14110 on AI model safety measures, which President Trump rescinded on his first day in office during his second term.


  •  

OpenAI and partners are building a massive AI data center in Texas

On Tuesday, OpenAI announced a partnership with Oracle to develop 4.5 gigawatts of additional data center capacity for its Stargate AI infrastructure platform in the US. The expansion, which TechCrunch reports is part of a $30 billion-per-year deal between OpenAI and Oracle, will reportedly bring OpenAI's total Stargate capacity under development to over 5 gigawatts.

The data center has taken root in Abilene, Texas, a city of 127,000 located 150 miles west of Fort Worth. The city, which serves as the commercial hub of a 19-county region known as the "Big Country," offers a location with an existing tech employment ecosystem, including Dyess Air Force Base and three universities. Abilene's economy has evolved over time from its agricultural and livestock roots to embrace technology and manufacturing sectors.

"We have signed a deal for an additional 4.5 gigawatts of capacity with oracle as part of stargate. easy to throw around numbers, but this is a gigantic infrastructure project," wrote OpenAI CEO Sam Altman on X. "We are planning to significantly expand the ambitions of stargate past the $500 billion commitment we announced in January."


  •  

What to know about ToolShell, the SharePoint threat under mass exploitation

Government agencies and private industry have been under siege over the past four days following the discovery that a critical vulnerability in SharePoint, the widely used document-sharing app made by Microsoft, is under mass exploitation. Since that revelation, the fallout and the ever-increasing scope of the attacks have been hard to keep track of.

What follows are answers to some of the most common questions about the vulnerability and the ongoing exploitation of it, which collectively is being called ToolShell by people tracking the activity.

What’s known so far

Question: What’s SharePoint?


  •  

Exhausted man defeats AI model in world coding championship

A Polish programmer running on fumes recently accomplished what may soon become impossible: beating an advanced AI model from OpenAI in a head-to-head coding competition. The 10-hour marathon left him "completely exhausted."

On Wednesday, programmer Przemysław Dębiak (known as "Psyho"), a former OpenAI employee, narrowly defeated the custom AI model in the AtCoder World Tour Finals 2025 Heuristic contest in Tokyo. AtCoder, a Japanese platform that hosts competitive programming contests and maintains global rankings, held what may be the first contest where an AI model competed directly against top human programmers in a major onsite world championship. During the event, the maker of ChatGPT participated as a sponsor and entered an AI model in a special exhibition match titled "Humans vs AI." Despite the tireless nature of silicon, the company walked away with second place.

"Humanity has prevailed (for now!)," wrote Dębiak on X, noting he had little sleep while competing in several competitions across three days. "I'm completely exhausted. ... I'm barely alive."


  •  

Phishers have found a way to downgrade—not bypass—FIDO MFA

Researchers recently reported encountering a phishing attack in the wild that bypasses a multifactor authentication scheme based on FIDO (Fast Identity Online), the industry-wide standard being adopted by thousands of sites and enterprises.

If true, the attack, reported in a blog post Thursday by security firm Expel, would be huge news, since FIDO is widely regarded as being immune to credential phishing attacks. After analyzing the Expel write-up, I’m confident that the attack doesn’t bypass FIDO protections, at least not in the sense that the word “bypass” is commonly used in security circles. Rather, the attack downgrades the MFA process to a weaker, non-FIDO-based process. As such, the attack is better described as a FIDO downgrade attack. More about that shortly. For now, let’s describe what Expel researchers reported.

Abusing cross-device sign-ins

Expel said the “novel attack technique” begins with an email that links to a fake login page from Okta, a widely used authentication provider. It prompts visitors to enter their valid user name and password. People who take the bait have now helped the attack group, which Expel said is named PoisonSeed, clear the first big hurdle in gaining unauthorized access to the Okta account.


  •  

GitHub abused to distribute payloads on behalf of malware-as-a-service

Researchers from Cisco’s Talos security team have uncovered a malware-as-a-service operator that used public GitHub accounts as a channel for distributing an assortment of malicious software to targets.

The use of GitHub gave the malware-as-a-service (MaaS) a reliable and easy-to-use platform that’s greenlit in many enterprise networks that rely on the code repository for the software they develop. GitHub removed the three accounts that hosted the malicious payloads shortly after being notified by Talos.

“In addition to being an easy means of file hosting, downloading files from a GitHub repository may bypass Web filtering that is not configured to block the GitHub domain,” Talos researchers Chris Neal and Craig Jackson wrote Thursday. “While some organizations can block GitHub in their environment to curb the use of open-source offensive tooling and other malware, many organizations with software development teams require GitHub access in some capacity. In these environments, a malicious GitHub download may be difficult to differentiate from regular web traffic.”


  •  

ChatGPT’s new AI agent can browse the web and create PowerPoint slideshows

On Thursday, OpenAI launched ChatGPT Agent, a new feature that lets the company's AI assistant complete multi-step tasks by controlling its own web browser. The update merges capabilities from OpenAI's earlier Operator tool and the Deep Research feature, allowing ChatGPT to navigate websites, run code, and create documents while users maintain control over the process.

The feature marks OpenAI's latest entry into what the tech industry calls "agentic AI"—systems that can take autonomous multi-step actions on behalf of the user. OpenAI says users can ask Agent to handle requests like assembling and purchasing a clothing outfit for a particular occasion, creating PowerPoint slide decks, planning meals, or updating financial spreadsheets with new data.

The system uses a combination of web browsers, terminal access, and API connections to complete these tasks, including "ChatGPT Connectors" that integrate with apps like Gmail and GitHub.


  •  

Google hides secret message in name list of 3,295 AI researchers

How many Google AI researchers does it take to screw in a lightbulb? A recent research paper detailing the technical core behind Google's Gemini AI assistant may suggest an answer, listing an eye-popping 3,295 authors.

It's a number that recently caught the attention of machine learning researcher David Ha (known as "hardmaru" online), who revealed on X that the first 43 names also contain a hidden message. "There’s a secret code if you observe the authors’ first initials in the order of authorship," Ha wrote, relaying the Easter egg: "GEMINI MODELS CAN THINK AND GET BACK TO YOU IN A FLASH."

The paper, titled "Gemini 2.5: Pushing the Frontier with Advanced Reasoning, Multimodality, Long Context, and Next Generation Agentic Capabilities," describes Google's Gemini 2.5 Pro and Gemini 2.5 Flash AI models, which were released in March. These large language models, which power Google's chatbot AI assistant, feature simulated reasoning capabilities that produce a string of "thinking out loud" text before generating responses in an attempt to help them solve more difficult problems. That explains "think" and "flash" in the hidden text.


  •  

More VMware cloud partners axed as Broadcom launches new invite-only program

Broadcom is kicking some cloud service providers (CSPs) out of the VMware channel partner program, bringing uncertainty for the technological and financial futures of numerous businesses, especially small-to-medium-sized ones.

As reported by The Register today, Broadcom this week revealed to VMware CSP partners that it is launching a new invite-only channel program for CSPs on November 1. Fewer CSPs are expected to be eligible for this new program. The Register said that “some mid-size partners won’t be invited to the new program.”

Current VMware CSPs that didn’t receive an invite for the new program by today have reportedly been cut and will receive a notice of non-renewal.


  •  

Chinese firms rush for Nvidia chips as US prepares to lift ban

Chinese firms have begun rushing to order Nvidia's H20 AI chips as the company plans to resume sales to mainland China, Reuters reports. The chip giant expects to receive US government licenses soon so that it can restart shipments of the restricted processors just days after CEO Jensen Huang met with President Donald Trump, potentially generating $15 billion to $20 billion in additional revenue this year.

Nvidia said in a statement that it is filing applications with the US government to resume H20 sales and that "the US government has assured Nvidia that licenses will be granted, and Nvidia hopes to start deliveries soon."

Since the launch of ChatGPT in 2022, Nvidia's financial trajectory has been linked to the demand for specialized hardware capable of executing AI models with maximum efficiency. Nvidia designed its data center GPU to perform the massive parallel computations required by neural networks, processing countless matrix operations simultaneously.


  •  

Nvidia chips become the first GPUs to fall to Rowhammer bit-flip attacks

Nvidia is recommending a mitigation for customers of one of its GPU product lines that will degrade performance by up to 10 percent in a bid to protect users from exploits that could let hackers sabotage work projects and possibly cause other compromises.

The move comes in response to an attack a team of academic researchers demonstrated against Nvidia’s RTX A6000, a widely used GPU for high-performance computing that’s available from many cloud services. A vulnerability the researchers discovered opens the GPU to Rowhammer, a class of attack that exploits physical weakness in DRAM chip modules that store data.

Rowhammer allows hackers to change or corrupt data stored in memory by rapidly and repeatedly accessing—or hammering—a physical row of memory cells. By repeatedly hammering carefully chosen rows, the attack induces bit flips in nearby rows, meaning a digital zero is converted to a one or vice versa. Until now, Rowhammer attacks have been demonstrated only against memory chips for CPUs, used for general computing tasks.
